From 9b5580592c0cf065f1e3cb6fd1f927122320787d Mon Sep 17 00:00:00 2001 From: Eduardo Hernandez <39539196+EduardoGHdez@users.noreply.github.com> Date: Sat, 10 Aug 2019 17:06:15 -0500 Subject: [PATCH] Upgrade i18n (#1685) * Upgrade i18n i18n Gem for Ruby lib/i18n/core_ext/hash.rb Hash#slice() Function Hash Handling DoS This address CVE-2014-10077 For more information: * https://github.com/ruby-i18n/i18n/pull/289 * Update faker.gemspec --- Gemfile.lock | 2 +- faker.gemspec | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 2bfdc21885..dcde26509d 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -2,7 +2,7 @@ PATH remote: . specs: faker (2.1.0) - i18n (>= 0.7) + i18n (>= 0.8) GEM remote: https://rubygems.org/ diff --git a/faker.gemspec b/faker.gemspec index 014d523abc..0bca74c125 100644 --- a/faker.gemspec +++ b/faker.gemspec @@ -12,7 +12,7 @@ Gem::Specification.new do |spec| spec.summary = 'Easily generate fake data' spec.description = 'Faker, a port of Data::Faker from Perl, is used to easily generate fake data: names, addresses, phone numbers, etc.' - spec.homepage = 'https://github.com/stympy/faker' + spec.homepage = 'https://github.com/faker-ruby/faker' spec.license = 'MIT' spec.files = Dir['lib/**/*'] + %w[History.md License.txt CHANGELOG.md README.md] @@ -21,11 +21,11 @@ Gem::Specification.new do |spec| spec.require_paths = ['lib'] spec.required_ruby_version = '>= 2.3' - spec.metadata['changelog_uri'] = 'https://github.com/stympy/faker/blob/master/CHANGELOG.md' - spec.metadata['source_code_uri'] = 'https://github.com/stympy/faker' - spec.metadata['bug_tracker_uri'] = 'https://github.com/stympy/faker/issues' + spec.metadata['changelog_uri'] = 'https://github.com/faker-ruby/faker/blob/master/CHANGELOG.md' + spec.metadata['source_code_uri'] = 'https://github.com/faker-ruby/faker' + spec.metadata['bug_tracker_uri'] = 'https://github.com/faker-ruby/faker/issues' - spec.add_dependency('i18n', '>= 0.7') + spec.add_dependency('i18n', '>= 0.8') spec.add_development_dependency('minitest', '5.11.3') spec.add_development_dependency('pry', '0.12.2')